From 20c6924d5e3f2615f9132bf730e7e2fd9206a336 Mon Sep 17 00:00:00 2001
From: Tomas Mraz <tomas@openssl.org>
Date: Fri, 12 Apr 2024 15:37:58 +0200
Subject: fuzz/decoder.c: Limit the EVP_PKEY_param_check on DHX keys as well

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/24126)

(cherry picked from commit 8d8a0144303374f69f73fc944dd55c68600d15e5)
---
 fuzz/decoder.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/fuzz/decoder.c b/fuzz/decoder.c
index c7b6d02f73..4888c5cd40 100644
--- a/fuzz/decoder.c
+++ b/fuzz/decoder.c
@@ -68,7 +68,8 @@ int FuzzerTestOneInput(const uint8_t *buf, size_t len)
          * Param check will take too long time on large DH parameters.
          * Skip it.
          */
-        if (!EVP_PKEY_is_a(pkey, "DH") || EVP_PKEY_get_bits(pkey) <= 8192)
+        if ((!EVP_PKEY_is_a(pkey, "DH") && !EVP_PKEY_is_a(pkey, "DHX"))
+            || EVP_PKEY_get_bits(pkey) <= 8192)
             EVP_PKEY_param_check(ctx);
 
         EVP_PKEY_public_check(ctx);
-- 
cgit v1.2.3